Releases: Binsabbar/oracle-cloud-terraform
Releases · Binsabbar/oracle-cloud-terraform
v2.12.0
New
instances
: Add option to enable/disable cloud agent plugins.- new
agent_plugins
setting
- new
network
: Configure VCN DNS Resolver with attaching Private custom list of object of views, earlier views in the list have higher priority in resolution.- new
dns_private_views
setting
- new
dns-management
: support to create custom dns views and edit existing protected views
Fix
None
Breaking Changes
dns-management
Add support to create private custom view or edit existing protected views, also module input is changed completely it now requires two objectsprotected_views
orcustom_views
under each map of object of views, under each you define map of object of zones and under each zone you define map of object of records.- WARNING: This change will destroy and recreate all the DNS resources and will cause connection issue untill new resources created.
from:
module "dns" {
...
compartment_id = "ocid1.compartment.oc1..example1"
view_id = "ocid1.dnsview.oc1..example1"
zones = {
// ZONE 1
"test" = {
name = "test.com"
}
// ZONE 2
"test-2" = {
name = "test-2.com"
}
}
records = {
// RECORD 1
"test" = {
domain_name = "*.test.com"
rtype = "A"
zone_name = "test.com"
rdata = "xxx.xxx.xxx.xxx"
ttl = 300
}
// RECORD 2
"test-2" = {
domain_name = "something.test-2.com"
rtype = "A"
zone_name = "test-2.com"
rdata = "xxx.xxx.xxx.xxx"
ttl = 300
}
}
}
to:
module "dns" {
...
private_dns = {
protected_views = {
"stage_protected_views" = {
view_id = "ocid1.dnsview.oc1..example1"
compartment_id = "ocid1.compartment.oc1..example1"
zones = {
"test-com" = {
zone_name = "test.com"
records = {
"test" = {
domain_name = "*.test.com"
rdata = "xxx.xxx.xxx.xxx"
# rtype and ttl will use defaults (A and 300)
}
}
}
"test-2-com" = {
zone_name = "test-2.com"
records = {
"test-2" = {
domain_name = "something.test-2.com"
rdata = "xxx.xxx.xxx.xxx"
}
}
}
}
}
}
custom_views = {}
}
}
New Contributors
- @dawidrogowicz made their first contribution in #84
- @mohamed-esam made their first contribution in #86
Full Changelog: v2.11.0...v2.12.0
v2.11.0
New
network-sg
: add support for all rule types: ip cidrs, service cidrs and nsg ids.- see the example in the module for how to use the new variable.
- the default value is
CIDR_BLOCK
to ensure backward compatibility. - add new variables:
var.network_security_groups.*.*.type
var.network_security_groups.*.*.ips
var.network_security_groups.*.*.nsg_ids
var.network_security_groups.*.*.service_cidrs
- They are optional based on the type, if type is not set, then
var.network_security_groups.*.*.ips
becomes mandatory.
kubernetes
: Ability to add user defined tags for OKE nodes by using the optional variablenode_pools.*.defined_tags
Fix
instances
: Ignore changes made tometadata.user_data
in any instance, since changing the value will destroy and recreate the instance.
resource "oci_core_instance" "instances" {
...
...
metadata = {
ssh_authorized_keys = each.value.autherized_keys
user_data = lookup(each.value.optionals, "user_data", null)
}
lifecycle {
ignore_changes = [
metadata["user_data"] <------------------------------ note this
]
}
}
Breaking Changes
None
Full Changelog: v2.10.0...v2.11.0
v2.10.0
New
network-sg
: change input type to support ports range invar.network_security_groups.*.ports
variable.
Fix
None
Breaking Changes
network-sg
modules input fornetwork_security_groups
is updated. The subkeyport
is replaced withports
and it is now a map of two objectsmax
andmin
.
network_security_groups = {
"group_1" = {
"rule_1" = {
direction = "INGRESS"
protocol = "tcp"
port = { min : 9090, max : 9090 }
ips = ["192.168.100.12", "192.168.100.12"]
}
}
}
- Currently there is no easy migration path for this change, since the terraform resource name is updated. However, destroying and recreating the rules is the best and fastest way to do it, however, it might impact your networks for few minutes. Alternatively, reference the new release in a new module definition, and migration your rules one by one.
Full Changelog: v2.9.0...v2.10.0
v2.9.0
New
identity
: add new argumentcapabilities
invar.service_accounts
variable.
Fix
- Correct
path
argument bysource
argument to specify the module path inidentity
module usage examples inREADME.md
.
Breaking Changes
identity
modules input forservice_accounts
is updated. A new keycapabilities
is now required undervar.service_accounts.*
.- Add
capabilities
and set its value to{}
.
- Add
from:
module "identity" { ... service_accounts = toset(["terraform-cli"]) ... }
to:
module "identity" { ... service_accounts = { "terraform-cli" = { name = "terraform-cli", capabilities = {} } } ... }
Full Changelog: v2.8.0...v2.9.0
v2.8.0
v2.8.0:
New
instances
: add new argumentavailability_config
. for VM migration during infrastructure maintenance events
Fix
None
Breaking Changes
instances
modules input is updated. A new keyavailability_config
is now required undervar.instances.*.config
.- Add
is_live_migration_preferred
and set its value totrue
. Example of partial instance object. - Add
recovery_action
and set its value toRESTORE_INSTANCE
. Example of partial instance object.
- Add
instances = {
...
...
...
network_sgs_ids = [
"ocixxxxxx.xxxxxx.xxxxx", "ocixxxxxx.xxxxxx.xxxxx",
]
primary_vnic = {
primary_ip = ""
secondary_ips = {}
}
availability_config = { <--------------------------------------------------- note this block
recovery_action = "RESTORE_INSTANCE"
is_live_migration_preferred = false
}
}
...
...
v2.7.1
v2.7.0
v2.7.0:
New
instances
: addboot_volume_backup_policies
to the input as optional value.instances
: addinstances[*].optional.reference_to_backup_policy_key_name
to theinstance
variable input as optional value to enable scheduled backup of boot volume
Fix
None
Breaking Changes
None
v2.6.1
v2.6.0
v2.5.0
v2.5.0:
New
network
: Add route rule to the default public route table when service gateway is enabled (note this is optional to add it to public subnet). Please refer to known issues with service gateway in public subnet before enabling it in public subnet.
Fix
None
Breaking Changes
network
modules input is updated. A new keyadd_route_rule_in_public_subnet
is now required undervar.service_gateway
.- Add
add_route_rule_in_public_subnet
and set its value tofalse
. See module's readme for full example.
- Add
service_gateway = {
enable = true
service_id = "ocid1.service.oc1.xxxxxxx"
route_rule_destination = "all-pox-services-in-oracle-services-network"
add_route_rule_in_public_subnet = false <-------------------------------------- note this line
optionals = {
route_table_id = "oci.xxxxxxxxx"
}
}